Advance phishing with IDN Homograph Attack

Begin Learning Cyber Security for FREE Now!

An IDN Homograph Attack is a technique of spoofing a domain name with similar looking character using UNICODE character. For example http://ĝoogle.com — ĝ not g , http://ḃing.com — ḃ not b, http://asĸ.com

— ĸ not k

Steps for the Attack

Clone in to the following github URL : https://github.com/UndeadSec/EvilURL.git

Move to your EvilURL directory and type “python evilurl.py”

In Insert name options insert your target site name for example i am going to use Google ,and in domain level insert what level of domain you want to spoof as i am choosing .com

Now we got our Homograph URL

Above you can see domain name has been spoof with different characters.In MORE EXTENSIVE URL we can see more character has replaced with Unicode characters, let see what happens if i type this URL in my browser.

So first I will choose a Unicode URL and will paste it to my browser and see what happens

And now as you can see when i paste to browser it converted to punycode which is a encoding method for converting Unicode character to ASCII.

You can now use any of these spoofed url for a phishing attack by registering them .

You can mitigate them by using punycode and be extra careful by clicking a URL

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.